you think therefore i am

Who’s liable for the Playstation Network hack?

That the Playstation Network was hacked is yesterday’s news. The extent of the hack, has to this date not been formally verified. Sony says my login details may have been compromised (makes me wonder if they kept the passwords in plain-text format) but say there is no proof my credit card details were stolen. Uhm… That just means they just haven’t found the proof yet!

This puts me in an awkward position. About two/three weeks ago I decided to un-hack my PSP, because I couldn’t access the Playstation store with the hacked OS to download additional music for my favorite game, Rock Band Unplugged. So, I installed the latest OFW, set up an account, and accessed the store through the game. I entered my credit card details and off I went paying and downloading.

But now, a legal ambiguity has arisen. (Speaking about Swedish legislation only – I know the burden of proof is different in other countries) I am supposed to report to my credit card company if anyone who is not supposed to have access to my card has had access to it. So, I should report to my card company that I was one of the people who had an account with Sony. But Sony hasn’t verified that hackers have had access to my credit card details, and no unauthorized purchases have been made. So there is only a possibility that it may happen in the future. So in theory I should report this. If I do, I have fulfilled my obligations, and if money gets taken of the card without my authorization, the card company has to prove that it was I who made the purchase which I claim I didn’t do. In Sweden, at least, that is the way it works.

So great, I report it. But now I need to check my credit card balance every day for unauthorized transactions… Yay! So, I probably want a new card. But the card company won’t give me a new card since there’s nothing wrong with my existing one (at least not yet)! DOH! I can always pay for a new one – uhm… really?

So to sum it up, Sony have made a big kerfuffle and if I don’t want to be stressing out about reporting unauthorized use of my card, I need to pay for a new card. Will Sony compensate me for that? Doubt it!

Thank you Sony! I’m your biggest fan!

— UPDATE

Turns out I’m not the only one with the same concern:

The legal action by a PSN user claims Sony did not do enough to protect the private data of its customers.

It also asks for compensation and for Sony to pay for credit card monitoring to spot if stolen details are being used fraudulently.